1. Technical Field
The present invention generally relates to electronic device security, and particularly relates to protecting Subscriber Identity Module Lock (“SIMLock”) information or like enabling data in an electronic device.
2. Background
Electronic devices, particularly mobile communication devices such as cellular radiotelephones, are oftentimes sold subject to one or more usage restrictions. For example, a device may be restricted to work only in certain countries, only with certain communication networks and/or service providers. Subscriber Identity Module (SIMs) can play a key role in enforcing such restrictions, whether implemented as hardware in card form, or implemented in software.
In particular, a device may include security elements that enforce a “SIM Lock,” abbreviated herein as “SIMLock,” which restricts the SIMs that can be used with the device. For example, the SIMLock on a given device may be configured to lock the device to accept SIMs only from a specific network operator, or only for a specific country. As a further example, some devices include SIMLocks that lock those devices to specific SIMs, thereby disallowing swapping of SIM information from one device to another. An operator might, for example, equip “premium” or high-capability devices with that type of restrictive SIMLock, to ensure that any purchase subsidies provided by the operator are recouped through long-term subscription agreements.
Removing, disabling, or otherwise circumventing SIMLocks, all of which may be generally referred to as SIMLock fraud, represents a significant expense to network operators, because it partially or wholly prevents them from receiving expected subscription contract revenues. To that end, there is significant interest in developing SIMLock mechanisms that are difficult to defeat or otherwise circumvent, but which are also practical from economic and circuit implementation perspectives.
For example, Advanced Risc Machines® (ARM®) provides a secure processing architecture marketed under the TrustZone® brand. TrustZone® integrates hardware and software security, in part by providing dual-processing environments, including a secure processing environment, which may be used for SIM verification and related processing, and a non-secure environment, which may be used for general device processing. Further examples of secure processing environment provisions with applicability to SIM-related processing involve the Trusted Computing Group™, which is an association of various companies, including AMD®, Intel®, HP®, and others.